When we discuss cloud computing and the network security framework around it, we frequently refer to NIST.

NIST stands for the National Institute of Standards and Technology. It promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems.

The NIST Definition of Cloud Computing

Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.

Five essential characteristics of Cloud Computing

According to NIST, cloud computing is described as follows:

On-demand self-service. A network engineer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider (for example, AWS or Azure).

Broad network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations). An example of a thick client is a desktop computer with standard hardware and locally installed operating system and applications. An example of a thin client is a web browser (e.g., web-based email) or a Chromebook with minimal CPU, memory resources and local storage - it outsources the hard work to infrastructure that's stored on a cloud.

Resource pooling. The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. The customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, and network bandwidth.

There are instances where a client uses a single-tenant model. Infrastructure updates and network security requirements become quite complex in this case.

Rapid elasticity. Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.

When companies consider IT budgets, cloud computing transforms the fixed cost of building and operating a data center into a variable cost.

Measured service. Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service.

Source: https://csrc.nist.gov/publications/detail/sp/800-145/final